Skip to content

News
Cybercrime
Risk
Policy
Privacy
Research
Cloud
Insurance

LinkedIn
Facebook

CVE-2026-42945

NGINX flaw exploited in the wild days after disclosure, VulnCheck says

News, Research, Risk, Vulnerabilities

May 18, 2026

VulnCheck says CVE-2026-42945 is being exploited in the wild in NGINX Plus and NGINX Open days after disclosure. The report also cites active exploitation of critical openDCIM flaws that can be chained toward remote code execution.
NGINX flaw left hidden for 18 years could allow remote code execution

News, Risk, Vendors, Vulnerabilities

May 14, 2026

A critical NGINX rewrite module flaw hidden for 18 years can let a remote attacker trigger code execution or denial of service with crafted requests, according to a technical analysis and vendor advisory.

About
Editorial Policy
Privacy
Contact